CVE-2024-5060

The WordPress plugin WordPress: LottieFiles – JSON Based Animation Lottie & Bodymovin for Elementor is vulnerable to Stored Cross-Site Scripting (XSS) in versions up to 1.10.9 due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at Contributor lev...